package com.ruge.test.springMVC.shiro.realm;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * 爱丽丝、如歌  创建于 2018/7/5 10:14
 * 说明:  TODO
 */
public class AuthRealm extends AuthorizingRealm {

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
       // int id = shiroUser.getId();
        List<ShiroRole> shiroRoles = Arrays.asList(
                new ShiroRole(1, "admin", "超管", 1),
              //  new ShiroRole(2, "student", "学生", 1),
                new ShiroRole(3, "admin", "超管", 2),
                new ShiroRole(4, "student", "学生", 3),
                new ShiroRole(5, "admin", "超管", 4)
        );
        Set<String> shiroRoleSet = new HashSet<>();
        for (ShiroRole s : shiroRoles
                ) {
            if (s.getUserId() == 1) {
                shiroRoleSet.add(s.getRoleName());
            }
        }
        info.addRoles(shiroRoleSet);
        List<ShiroPermission> shiroPermissions = Arrays.asList(
                new ShiroPermission(1, "超管页面", "admin.jsp"),
                new ShiroPermission(2, "学生页面", "user.jsp")
        );
        Set<String> permission = new HashSet<>();
        for (ShiroPermission s : shiroPermissions
                ) {
            permission.add(s.getPerUrl());
        }
        info.addStringPermissions(permission);
        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("开始认证" + authenticationToken);
        /**
         * 1  将 authenticationToken 转换成 UsernamePasswordToken
         */
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        /**
         * 2 从 UsernamePasswordToken 中 获取 userName
         */
        String userName = token.getUsername();
        /**
         * 3 调用数据库的方法  获取userName 对应的用户记录
         */
        // ShiroUser shiroUser = new ShiroUser("111111", "111111", "");
        ShiroUser shiroUser = new ShiroUser(1, "111111", "c611b11fac54571b89f42aa4e9219475", "");
        /**
         * 4 若用户不存在则可以抛出异常
         */
        if (!shiroUser.equals(shiroUser.getUserName())) {
            System.out.println("该用户不存在");
        }
        /**
         * 5 根据用户信息的情况  觉得是否抛出其他异常
         */

        /**
         * 6 根据用户的情况 构建AuthenticationInfo对象并返回
         */
        /**
         * 盐值
         */
        ByteSource salt = ByteSource.Util.bytes(userName);
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userName, shiroUser.getPassWord(), salt, getName());
        return info;
    }
}
